3 matches found
CVE-2020-26173
An incorrect access control implementation in Tangro Business Workflow before 1.18.1 allows an attacker to download documents PDF by providing a valid document ID and token. No further authentication is required...
CVE-2020-26173
creationtimestamp| type| source ---|---|--- 2020-12-18 12:46:42+00:00| seen| https://t.me/cibsecurity/21050...
CVE-2020-26173
CVE-2020-26173 concerns Tangro Business Workflow (versions before 1.18.1) with an incorrect access control implementation that lets an attacker download documents (PDF) by supplying a valid document ID and token. No further authentication is required, enabling information disclosure of documents ...